Security · 3h ago
Mustang Panda Hijacks Zoho WorkDrive in Indian Gov't Attacks
China-linked Mustang Panda is running two campaigns against Indian government and hydropower targets, using Zoho WorkDrive as a command channel. Acronis researchers found active compromises on machines used by senior administrative staff. The group deployed new malware in the ongoing espionage operations.
Meridian48 take
The use of a legitimate cloud service as a C2 channel underscores how state-backed groups increasingly blend into normal traffic to evade detection.
Read the full reporting
Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks →
The Hacker News
mustang-pandazoho-workdrive